Privacy Policy for sign/translate
Effective date: 20 June 2025
This Privacy Policy describes how sign.mt ltd (“we”, “us”, “our”) collects, uses, and safeguards
your personal data when you interact with the sign/translate service
available at sign.mt and its related applications.
We process information in accordance with the General Data Protection Regulation (GDPR) and
the Swiss Federal Act on Data Protection (FADP), and we review
this notice periodically to ensure it remains accurate and up-to-date.
1. Who We Are
sign.mt ltd is the data controller responsible for any personal data processed in connection with sign/translate.
You can reach our privacy team at privacy@sign.mt for any inquiries or to exercise your data-protection rights.
Our guiding principle is data-minimisation.
Whenever feasible, processing happens locally on your device, limiting the amount of information transmitted across the internet.
Remote processing is performed only when necessary to deliver high-quality translation and accessibility features.
2. What Data We Collect and Why
When you submit text for translation, our backend records the request, a salted-and-hashed version of your IP address, the target and source language,
and diagnostic details that help us keep the service reliable and secure.
For the spoken-to-signed translation feature, the full input is logged because we need it to evaluate and improve sign-language rendering quality.
These logs reside in Google Cloud Logs and Google BigQuery on encrypted storage and are automatically deleted once they are no longer operationally required.
If you opt in through our cookie banner, we gather aggregated analytics such as page paths, browser type, device category, and language settings.
This data, processed through Google Analytics, helps us understand overall usage patterns and prioritise product improvements.
Declining or later withdrawing consent stops analytics collection immediately.
Certain advanced features—specifically text normalisation and vocalisation—send your input to OpenAI’s ChatGPT API for processing.
These requests are covered by the OpenAI Privacy Policy.
3. Legal Bases for Processing
We rely on performance of a contract under Article 6(1)(b) GDPR to deliver translations you explicitly request.
Diagnostic logging is processed under our legitimate interests in maintaining service integrity under Article 6(1)(f).
Analytics and optional features that send data to third parties are processed on the basis of your explicit consent under Article 6(1)(a).
You may revoke consent at any time without affecting the lawfulness of processing carried out before withdrawal.
4. Data Security
All information is stored on encrypted infrastructure hosted on Google Cloud.
Access is restricted to authorized personnel, and all third-party providers operate under GDPR-aligned data-processing agreements.
5. International Transfers
Where data leaves Switzerland or the EEA—including transfers to the United States—we rely on the EU Standard Contractual Clauses (SCCs) and comparable Swiss mechanisms to ensure an essentially equivalent level of protection as required by GDPR and FADP.
6. Your Rights
You have the right to request access, rectification, erasure, restriction of processing, and portability of your personal data,
as well as the right to object to certain processing activities.
Please note that because we anonymize request logs and remove direct identifiers,
we may be unable to locate any data that can be linked back to you personally.
To exercise any of these rights, contact us at privacy@sign.mt.
You also have the right to lodge a complaint with your local supervisory authority.
7. Updates to This Policy
We update this Privacy Policy when our technology, legal obligations, or data-handling practices change.
The most recent version is always available at sign.mt, and the “Effective date” above reflects the date of the latest substantive revision.